[jboss-cvs] jboss-seam/src/main/org/jboss/seam/security ...
Shane Bryzak
sbryzak at redhat.com
Mon Nov 12 05:59:14 EST 2007
User: sbryzak2
Date: 07/11/12 05:59:14
Modified: src/main/org/jboss/seam/security Identity.java
RuleBasedIdentity.java
Log:
JBSEAM-2239 explicitly clear subject and security context on logout()
Revision Changes Path
1.105 +1 -0 jboss-seam/src/main/org/jboss/seam/security/Identity.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: Identity.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/Identity.java,v
retrieving revision 1.104
retrieving revision 1.105
diff -u -b -r1.104 -r1.105
--- Identity.java 7 Nov 2007 08:47:28 -0000 1.104
+++ Identity.java 12 Nov 2007 10:59:14 -0000 1.105
@@ -344,6 +344,7 @@
public void logout()
{
principal = null;
+ unAuthenticate();
Session.instance().invalidate();
Events.instance().raiseEvent(EVENT_LOGGED_OUT);
}
1.19 +15 -0 jboss-seam/src/main/org/jboss/seam/security/RuleBasedIdentity.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: RuleBasedIdentity.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/RuleBasedIdentity.java,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -b -r1.18 -r1.19
--- RuleBasedIdentity.java 8 Oct 2007 15:18:15 -0000 1.18
+++ RuleBasedIdentity.java 12 Nov 2007 10:59:14 -0000 1.19
@@ -21,8 +21,10 @@
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.annotations.Startup;
import org.jboss.seam.annotations.intercept.BypassInterceptors;
+import org.jboss.seam.core.Events;
import org.jboss.seam.log.LogProvider;
import org.jboss.seam.log.Logging;
+import org.jboss.seam.web.Session;
/**
* Identity implementation that supports permission
@@ -253,4 +255,17 @@
{
this.securityRules = securityRules;
}
+
+ @Override
+ public void logout()
+ {
+ // Explicitly destroy the security context
+ if (securityContext != null)
+ {
+ securityContext.dispose();
+ securityContext = null;
+ }
+
+ super.logout();
+ }
}
More information about the jboss-cvs-commits
mailing list